Design And Realization Of Hardware Trojan Based On Side-channel Analysis

With the continuous development of integrated circuit technology, the design and production process of chip become more and more complex. To control the consistence during the safe production of chips gets harder and harder for designers, this makes hardware torjan a new threat in the security of chip. Hardware torjan or malicious circuit is a circuit which tampers the original circuit. In addition to the destruction of the chip security it has the ability to hide itself to some extent. The study of detection and implatation of a hardware torjan is in the initial stage at present. Especially for the detection of a hardware torjan, there is not a more effective method to detect hardware trojans besides reverse analysis of a chip. The study and implement of implating a hardware torjan in a security chip is in important sense for the technology of offense and defense security imformation and the study of practical techniques of detecting a hardware torjan.Using the implement characteristics of Differential Power Analysis technique, our study succeed in studying and implementing a technique to hide a hardware trojan based on DPA attack. The main idea is, on the one hand, increasing the correlation between power and signal using the trojan in the chip and decreasing the difficulty of using DPA technique to get key in encyptioin algorithm. On the other hand, using effective information transformation logic to hide the trojans and make general detection using the techniques for detecting hidden danger for DPA attack difficult to find the trojans.The study of this thesis includes:Firstly, we have analysed the loophole of AES encryption algorithm and on account of loophole we have acomplished the experiment of DPA attack and get the encrypted information successfully.Secondly, we have implemented the software platform which can analyse the strength of a DPA attack and filter data automatically. It can also make quantitative analysis to the anti-attack capability of a chip.Thirdly, we have studied the implemention mechanism of the internal information transformation and enlarging the correlation of power in the hardware torjan based on power attack. We have designed and implemented the hardware trojan implatation in the chip using AES encryption algorithm, reconstructed the correlation of information. And we have tested and verified the effectiveness and concealment of the chip.The result of the experiment demonstrates that the hardware trojan we mention in this thesis occupys about 0.19% of the whole chip and it has good ability to hide itself. It can get the encrypted information when the number of the samples reaches 500. By contrast to the original attack, the efficiency of attack increases about 50%.